Authentication Vulnerabilities - Lab #11 Password reset poisoning via middleware | Short Version

In this video, we cover Lab #11 in the Authentication module of the Web Security Academy. This lab is vulnerable to password reset poisoning. The user carlos will carelessly click on any links in emails that he receives. To solve the lab, we log in to Carlos's account. You can log in to your own account using the following credentials: wiener:peter. Any emails sent to this account can be read via the email client on the exploit server. ▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬ Buy my course: https://academy.ranakhalil.com/p/web-... ▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬ Notes.txt document: https://github.com/rkhal101/Web-Secur... Web Security Academy Lab Exercise: https://portswigger.net/web-security/... Rana's Twitter account:   / rana__khalil  

Join Today
Authentication Vulnerabilities - Lab #12 Password brute-force via password change | Short Version
▶︎

Authentication Vulnerabilities - Lab #12 Password brute-force via password change | Short Version

Authentication Vulnerabilities - Lab #11 Password reset poisoning via middleware | Long Version
▶︎

Authentication Vulnerabilities - Lab #11 Password reset poisoning via middleware | Long Version

Authentication Vulnerabilities - Lab #10 Offline password cracking | Short Version
▶︎

Authentication Vulnerabilities - Lab #10 Offline password cracking | Short Version

Passkeys SUCK (here’s why + how I use them)
▶︎

Passkeys SUCK (here’s why + how I use them)

Norwegen – Frankreich Highlights | Gruppe I, FIFA WM 2026 | sportstudio
▶︎

Norwegen – Frankreich Highlights | Gruppe I, FIFA WM 2026 | sportstudio

She Asks if I Know Coldplay and This Singer Shocks The Street
▶︎

She Asks if I Know Coldplay and This Singer Shocks The Street

Why Aliens Would NEVER Invade Africa
▶︎

Why Aliens Would NEVER Invade Africa

The Problem With End-to-End Encryption
▶︎

The Problem With End-to-End Encryption

Broken Authentication - Password Reset Poisoning via Middleware
▶︎

Broken Authentication - Password Reset Poisoning via Middleware

I Made an Antivirus That Secretly Attacks Scammers
▶︎

I Made an Antivirus That Secretly Attacks Scammers

Authentication Vulnerabilities - Lab #8 2FA broken logic | Short Version
▶︎

Authentication Vulnerabilities - Lab #8 2FA broken logic | Short Version

Rowan Atkinson's Brilliant Humor Leaves Celebrities in Tears!
▶︎

Rowan Atkinson's Brilliant Humor Leaves Celebrities in Tears!

Godfather of AI WARNS: We Cannot Stop What's Coming
▶︎

Godfather of AI WARNS: We Cannot Stop What's Coming

Linus Torvalds Just EXPOSED Microsoft's Biggest Problem Yet
▶︎

Linus Torvalds Just EXPOSED Microsoft's Biggest Problem Yet

SQL Injections are scary!! (hacking tutorial for beginners)
▶︎

SQL Injections are scary!! (hacking tutorial for beginners)

Authentication Vulnerabilities - Lab #7 Username enumeration via account lock | Short Version
▶︎

Authentication Vulnerabilities - Lab #7 Username enumeration via account lock | Short Version

4K Framed TV Art Screensaver | White Hydrangeas 🌸 | Classic Floral Painting
▶︎

4K Framed TV Art Screensaver | White Hydrangeas 🌸 | Classic Floral Painting

HTTP Host Header Attacks Lab Breakdown: Basic password reset poisoning
▶︎

HTTP Host Header Attacks Lab Breakdown: Basic password reset poisoning

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!
▶︎

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!